How Hackers Hack Into Answering Machines

by Murder Mouse
Section 1: The Introduction
Many years ago I remember reading a tutorial called “Hacking Answering Machines”. This tutorial was apparently written back in 1989, when answering machines were just blossuming into the market. This was back during the days of cassette-recorder answering machines. The tutorial spoke of different vendors and models that used for the most part 2-digit passwords for remote access. It is now the year 2005, and for the most part cassette-recorder answering machines are a thing of the past, replaced by digital answering machines. Surely they’ve beefed up security since then, right? Wrong. The truth is though most answering machines are now digital, and many new features have been added to them since then, the password scheme is still pretty much the same. That is where this tutorial comes into play. To show you, the reader, how to gain access into these newer digital answering machines using the same techniques that were used 15 years ago (yeah, I know, sad isn’t it?). So without further crap….

Section 2: Gaining Access
The easiest way to gain access into an answering machine is to use it’s preset access code. This is the access code set at default by the vendor on the given device. The best thing about this is that most users don’t bother to change the access code to their device, if they even know that they have such a feature. Even worse yet, some of the manuals given for the device by it’s vendor even tells the user that changing the access code is optional, not necessary. So of course since most people only do what they feel is necessary, these access codes are many times if not usually set at default. So what I’m going to do for you now is list the different popular vendors out there, and include their preset access codes, how to use them, and controls to use after gaining access. Keep in mind that if there is no model number beside the vendor, then that means that the information given works on most of their models. Likewise of course if there is a model identification beside the vendor name (placed in parenthesis) then that of course means that the information provided is model dependant. So let’s begin, shall we?

There are also a few random vendors that don’t automatically preset an access code on the machine, forcing it’s user to set one up him/herself. This is a small step forward as far as security is concerned, but every vendor I saw that did this still used a mere 2-digit access code. To test and see if your target has this type of setup press # when the machine start, and then press 0. If the machine returns to the announcement then you know this is the kind of machine it is. Of course, in reality, this isn’t all that bad of a scheme since you have 100 different combinations available for the access code. However, most users simply set these access codes as 11, 22, 69, etc. So yeah, just try it out. If it disconnects you after so many tries, call back from another payphone (which you should be using in this case).

Section 3: The Conclusion
Again, it’s sad that the same failed access code schemes that were used 15 years ago are still used today. It’s just more proof that common sense just can’t keep up with the pace of technology. We can create devices that can store more data, run such data more efficiently, and have it held on smaller and smaller devices, but it seems we just can’t keep that data secure. No matter how many advisories are released, no matter how many security lectures are given, none of it matters, because in the end people prefer ease over security. So until this mentality changes the same crap that worked 15 years ago will work 15 years from now.